From 7a809d5d211dc7cab58ef55b9103dcf61ab274d4 Mon Sep 17 00:00:00 2001 From: Sean Koniarz <54359655+s-koniarz@users.noreply.github.com> Date: Tue, 22 Oct 2019 08:53:00 -0700 Subject: [PATCH] Set proper sourcetype for checkpoint string (#175) --- docs/sources.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/sources.md b/docs/sources.md index 3a1d72f..5b912bc 100644 --- a/docs/sources.md +++ b/docs/sources.md @@ -61,7 +61,7 @@ MSG Parse: This filter parses message content Use the following search to validate events are present ``` -index= sourcetype=cisco:asa +index= sourcetype=cp_log ``` Verify timestamp, and host values match as expected